Dr. Prokopios Drogkaris


Supporting security of personal data processing

One of the core obligations for all businesses acting either as data controllers or data processors, in GDPR is that of the security of personal data. In particular, according to GDPR security equally covers confidentiality, integrity and availability and should be considered following a risk-based approach: the higher the risk, the more rigorous the measures that the controller or the processor needs to take (in order to manage the risk). Even if this risk-based approach is not a new concept only a few specific privacy risk assessment frameworks have been presented, focusing principally on the evaluation of risks to personal data and adoption of relevant security measures.

Dr. Prokopios Drogkaris is an Officer in Network and Information Security at ENISA, the European Union Agency for Network and Information Security. His interests focus on privacy and data protection, security certification and trust services. Previously, he was involved in several EU funded research projects in the greater area of Information Security and he held teaching assistant positions in higher education institutions.